Before you begin setting up your network infrastructure, be sure to consider whether you will need a QTP certificate for your servers. If you do, then you should be aware that there are many differences between a traditional SSL certificate and a QoS-based certificate. With an SSL certificate, an outside party will verify the authenticity of your site by connecting to the secure server where the private key resides and reading the digital signature embedded in it. If the server cannot read that signature, then the website will be rejected. On the other hand, when you have a QoS-based certificate, an administrator will be able to view the various QoS policies that apply to a particular server (for instance, the policy to deny or allow all traffic to a particular port) before determining whether or not to allow a particular client to proceed with his request.
Best QTP certificate for your servers
There is also a difference between an SSL certificate and a QoS-based one. With an SSL certificate, an external third party will inspect the digital signature at the URL during secure connection. At that point, if the signature matches what is expected, the browser will allow the data to proceed regardless of whether or not the server is secure. If, however, the server cannot authenticate itself at that point (because an attacker got on the secure server before the browser could complete its authentication process), then the website would be denied access. That is the main difference.
If you do not want to wait for your site to be reviewed at the secure server before it can proceed, then you should go the extra mile and request a QoS-based certificate. You can still set up your site to accept SSL/TLS in the future, but by making that switch now, you can avoid any potential security problems down the road. And, since you can configure all your web applications so that they run on anything that is compliant with the latest standards (including the latest SSL draft and latest QoS policies), you will be much further ahead in terms of security. After all, if you want to be on the cutting edge of security, then your application needs to be as well!Continue Reading